Vulnerabilities > Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-10-19 CVE-2020-7191 Expression Language Injection vulnerability in HP Intelligent Management Center
A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7190 Expression Language Injection vulnerability in HP Intelligent Management Center
A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7189 Expression Language Injection vulnerability in HP Intelligent Management Center
A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7188 Expression Language Injection vulnerability in HP Intelligent Management Center
A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7187 Expression Language Injection vulnerability in HP Intelligent Management Center
A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7186 Expression Language Injection vulnerability in HP Intelligent Management Center
A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7185 Expression Language Injection vulnerability in HP Intelligent Management Center
A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7184 Expression Language Injection vulnerability in HP Intelligent Management Center
A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7183 Expression Language Injection vulnerability in HP Intelligent Management Center
A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0
2020-10-19 CVE-2020-7182 Expression Language Injection vulnerability in HP Intelligent Management Center
A sshconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.0
9.0